first experience with f12 beta
Adam Williamson
awilliam at redhat.com
Thu Oct 22 17:17:32 UTC 2009
On Thu, 2009-10-22 at 16:14 +0530, Rahul Sundaram wrote:
> On 10/22/2009 07:19 AM, John Summerfield wrote:
> > Oh, over-zealous security nazis.[1] Easily defeated. Boot with the option
> > init=/bin/bash
> >
> > It gets you a shell (bash) and, with any luck, initrd has found your
> > disks so you can run fsck on everything.
> >
> > 1 So described because, alone, the effort is so futile. Give me physical
> > access, I own the system. Unless you use encryption.
>
> Encryption is not as full proof as you imagine.
>
> http://www.bress.net/blog/archives/162-Security-is-a-multilayered-problem.html
The title of that post also handily illustrates why it makes sense for
Fedora to implement the layers of security it can, even when they don't
make anything any more secure *on their own*. For sysadmins who take the
time to lock everything else down properly themselves, the recovery
console could indeed be a vulnerable path if we didn't lock it down in
Fedora.
--
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Fedora Talk: adamwill AT fedoraproject DOT org
http://www.happyassassin.net
More information about the fedora-test-list
mailing list